Security Advisory

CVE-2019-10719

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-06-21 18:11:57

Last updated 2024-08-04 22:32:00

Assigner mitre

State PUBLISHED

Description

BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution because file creation is mishandled, related to /api/upload and BlogEngine.NET/AppCode/Api/UploadController.cs. NOTE: this issue exists because of an incomplete fix for CVE-2019-6714.

← Browse all CVEs View on cve.org ↗